Privacy by Design

The approach taken to protect privacy is to build the capability to make PHI widely available, but to tightly manage the access to it. The approach needs to be dynamic to ensure clients can access health care anywhere in Ontario and providers will be able to access their health care information. The key is to ensure that access to PHI is only granted to those who are authorized, and that the health care client’s consent directives are applied.

To ensure that the privacy of Ontarians is respected at all times when data is being accessed, collected, used or disclosed through the EHR, the principles of Privacy by Design (a concept developed by the Information and Privacy Commissioner of Ontario) have been embedded into the EHR blueprint (see 

Privacy by Design consists of seven principles which, when operationalized, will permeate all aspects of the creation and management of EHRs. It advances the view that the future of privacy cannot be assured solely by compliance with regulatory frameworks, but that privacy assurance must become an organization’s default mode of operation (Information and Privacy Commissioner, Ontario, Canada, 2011). Privacy by Design seeks to embed privacy and accountability into every aspect of the EHR’s business practices, information technologies and physical infrastructure.

An example of how privacy has been built into all aspects of the EHR by default, specifically business processes supporting the use of PHI, is Privacy Common Understandings (PCU). These establish a shared approach to privacy practices between eHealth Ontario and the regional hubs, and ensure compliance with PHIPA by identifying specific roles and responsibilities for privacy across users of the EHR. 

Privacy controls built into the EHR include:

  • Privacy training for users of the EHR
  • Use of anonymized data for testing purposes
  • Logging and monitoring of access
  • Maintenance of audit logs
  • Encryption of all data in transit
  • Specific purposes for the access, collection, use or disclosure of PHI in the EHR
  • Segregation of repositories of data for specific identified purposes
  • Access controls for users of the EHR
  • Consent rules applied by default to all transactions crossing the eHealth Ontario HIAL segment that require access to PHI
  • Agreements outlining the roles and responsibilities for protection of PHI
  • Transparent privacy practices